Monday, 3 October 2016

How to hack a Wi-Fi network?

This is a catchall question for Wi-Fi hacking, including password bypass or password recovery (WEP/WPA/WPA2,WPA2-PSK, etc), setting up man-in-the-middle attacks, or other specific techniques to use the network beyond the restrictions set by the network administrator.This question gets asked and re-asked all of the time. This is where the answers are.

Wi fi Hacking(Piggyback) is criminal offence in INDIA

It’s punishable under section 66 of the IT Act.Though you want try it, Here is solution

There are 3 types of Wi-Fi security methods that you would find deployed commonly:1. WEP2. WPA3. WPA2

You need to have an external Wi-Fi adapter that is required to hack a Wi-Fi network. If you want to crack a password that has less security, then you can use plug-n-play wireless USB adapter TP-LINK TL-WN722N

If you need a better range with good quality wireless adapter, then it is recommended to use Alfa AWUSO36NH along with a better antenna.

If you wish to hack Wi-Fi network for Ultimate range Wi-Fi antenna then, you can use TP-LINK TL-ANT2424B 2.4GHz 24dBi .

METHOD 1: HACK Wi-Fi Network using WifiteWifite is a Linux-based platform tool that is available on variant Operating Systems like Kali, Backtrack 5, BlackBuntu, BackBox and Pentoo. Wifite is basically used to attack multiple encrypted networks (WEP, WPA/2 and WPS) in a row that is customized to be automated with only a few arguments. Wifite is a wireless auditing tool that aims to be the “set it and forget it” method of hacking.

Steps to Hack WPA Encryption based Wi-Fi Network

Hacking a Wi-Fi network that uses WPA security encryption is little bit tough when compared to WEP as this is highly protected encryption method. In order to hack this type of Wi-Fi network you need to use Handshake capture.

Handshake Capture:Handshake is a file that can be captured when Router (Wi-Fi Access Point) and client(s) (Laptop, Mobile or other Wi-Fi enabled devices) communicate to authenticate each other. You may have a doubt that, “What is the purpose of this Handshake file?” The main target is to hack Wi-Fi network i.e., password. This Handshake file comprises of Wi-Fi password but in encrypted form.

Brute-Forcing:As the password is in encrypted form, let us try some other password combination on the encrypted password to acquire the original password. This process is known as Brute Forcing that is done offline. By using Brute-Forcing, the password present in the handshake file can be captured easily within few minutes.

Dictionary File:Dictionary is a file that contains all known words from various sources usually phrased as Wi-Fi password.

As soon as you start WPA handshake capture, it displays a message as “Client Found”.

It generates a command using handshake capture (that contains password) as (TEST_C0-A0-BB-04-5C-A9.cap).

The above command cracks the password file that must be saved at /root/DICTIONARY/.

Till now, you have used two WPA attacks that are completed successfully.

A password file usually contains words that are created using combination of different characters, numbers and special symbols. A password requires a lot of computational power if it a strong password including numbers and other special characters.

METHOD 2: HACK Wi-Fi Network using WIFIPHISHER

Wifiphisher is a security tool that mounts the fast automated phishing attacks which are against WPA networks so as order to acquire all the secret passphrase of the particular Wi-Fi network. Unlike other methods of hacking, Wifiphisher is a type of social engineering attack that does not include brute forcing. It is very easy way to obtain WPA credentials of the users whom you wish to hack.

How it Works?

Wifiphisher is a tool that is used to hack a Wi-FI network and this attack makes use of three phases:

PHASE 1:

Victim is being deauthenticated from their access point.

Wifiphisher tries to jam all the target access point’s wifi devices continuously that are available within range by sending deauth packets to the client from the access point.

It discovers all the networks that are available in the access point range.

This tool alters the access point of all the devices through the main server and broadcasts the address along with the deauth packets.

It starts generating fake access points by copying an access point from a set of access points.

PHASE 2:

This is the second phase where the Victim joins a rogue access point.

It asks for password authentication and in the backdrop, the tool tries to copy all the credentials of the possible Wi-Fi networks.

Wifiphisher sniffs the area and copies the target access point’s settings.

Now, this tool creates a rogue wireless access point that is modeled on the target by setting a NAT/DHCP server and forwards the right ports.

Consequently, because of the jamming, clients will start connecting to the rogue access point. After this phase, the victim is Mitimed.

PHASE 3:

Victim is being served a realistic router config-looking page where the Wifiphisher tool employs a minimal web server that responds to HTTP & HTTPS requests.

As soon as the victim requests a page from the Internet, wifiphisher responds with a realistic fake page that asks for WPA password confirmation due to a router firmware upgrade.

Till now you have seen two techniques to hack Wi-Fi WEP, WPA/WPA2 Security using Wifite and WIFIPHISHER. By using these two server attacks, you can easily crack the Wi-Fi network.